This invention relates generally to the field of software security, and more specifically to a method and system enabling trustworthy computing without hardware assistance.
A Trusted Platform Module (TPM) specification was created by the Trusted Computing Group (TCG) as an industry specification to create trust in computing platforms. The specification defines a TPM as a microcontroller, a hardware device that stores keys, passwords and digital certificates. However, a need exists for a software system that can provide a similar set of features as those offered by hardware TPMs, but without requiring the presence of a hardware TPM device.
There is also a need for a computer service to enable the same application to run on TPM-enabled and non-TPM-enabled machines with comparable levels of security. There is also a need for an automated protection mechanism to securely insert TPM hooking functionality into legacy applications without dependence on source code, and to safely and strongly bind applications to a TPM. It is preferable for this computer service to enable an application to execute safely by leveraging TPM functionality even when that TPM device did not ship with a secret key pre-programmed; i.e. when the TPM key was provided by the user.
The Software Root of Trust (SRT) is a collection of techniques that enable trustworthy computing without hardware assistance. The SRT provides a “Soft” Trusted Platform Module (STPM) that conforms to the Trusted Computing Group (TCG) specifications for Trusted Platform Modules (TPMs), but exists in software. The SRT provides logical data protection to form a software-created shielded location for processing sensitive data. Thus, whenever the TCG specification dictates a certain type of data must only exist or be processed in a shielded location, it will occur within the software root of trust. The SRT can also provide a secure “bridge” between applications and a hardware TPM, when available.
The STPM is a ubiquitous kernel-level software component that provides an abstraction of hardware TPM technology in order to deliver TPM functionality to devices or systems that may or may not have a physical TPM installed. By providing a similar set of features and interoperability with existing TPM solutions, STPMs enable early adopters to leverage the enhanced security afforded by TPM technology without the additional overhead of building the security in-house and supporting multiple devices. All of the STPM components are compliant with the standards set forth by the Trusted Computing Group (TCG) and provide the following features:

1. License management: allows for monitoring of software usage across the enterprise to ensure compliance with license agreements, usage policies, etc.;
2. Content management: can be used for digital rights management, access control, etc.;
3. Policy management: enforces network access and usage policies, security policies, remediation, etc.;
4. Key management: provides strong key-hiding for applications that need encryption/decryption services;
5. System Integrity services: can be used as an integrity measurement collector to test system state, detect malware, etc.; and
6. Anti-Tamper services: provides applications with external protection or guarding services to deliver strong anti-tamper protection capabilities.
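The following is an added illustration, not code from the patent or from any STPM product, of two of the services listed above as they appear in TCG-style TPMs: an integrity measurement collector (a bank of Platform Configuration Registers that can only be changed by an extend operation) and key hiding (a root key that never leaves the "shielded" object and is used to seal application secrets to a measured platform state). The class names `SoftPcrBank` and `SoftSealer`, the HMAC-based keystream, and the sample measurements are all constructed for this example and are not taken from the specification or the patent.

```python
import hashlib
import hmac
import os

# Constructed example: a software emulation of TPM-style integrity measurement
# and sealed storage. It is an illustration of the concepts, not the STPM.


class SoftPcrBank:
    """A bank of TCG-style Platform Configuration Registers (PCRs).

    Every PCR starts as 32 zero bytes and can only be changed by extend(),
    which folds a new measurement into the current value with SHA-256.
    The result therefore depends on the full ordered history of measurements.
    """

    def __init__(self, count=8):
        self.pcrs = [bytes(32) for _ in range(count)]
        self.log = []  # event log of (pcr index, measurement digest)

    def extend(self, index, measurement):
        digest = hashlib.sha256(measurement).digest()
        self.pcrs[index] = hashlib.sha256(self.pcrs[index] + digest).digest()
        self.log.append((index, digest))
        return self.pcrs[index]


def policy_digest(pcrs, indices):
    """Hash the selected PCR values into one digest describing a platform state."""
    h = hashlib.sha256()
    for i in indices:
        h.update(pcrs[i])
    return h.digest()


def _keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode; illustrative only, not a vetted cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


class SoftSealer:
    """Seals application secrets to a PCR state.

    The root key is held only inside this object (the software "shielded
    location"); callers receive an opaque blob that unseals only when the
    selected PCRs hold the same values they held at seal time.
    """

    def __init__(self, root_key=None):
        self._root = root_key or os.urandom(32)

    def _derive(self, policy):
        return hmac.new(self._root, policy, hashlib.sha256).digest()

    def seal(self, secret, bank, indices):
        policy = policy_digest(bank.pcrs, indices)
        key = self._derive(policy)
        nonce = os.urandom(16)
        ct = bytes(a ^ b for a, b in zip(secret, _keystream(key, nonce, len(secret))))
        tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
        return {"indices": tuple(indices), "nonce": nonce, "ct": ct, "tag": tag}

    def unseal(self, blob, bank):
        policy = policy_digest(bank.pcrs, blob["indices"])
        key = self._derive(policy)
        tag = hmac.new(key, blob["nonce"] + blob["ct"], hashlib.sha256).digest()
        if not hmac.compare_digest(tag, blob["tag"]):
            return None  # platform state no longer matches the sealed policy
        stream = _keystream(key, blob["nonce"], len(blob["ct"]))
        return bytes(a ^ b for a, b in zip(blob["ct"], stream))


def demo():
    """Seal a secret to a measured boot, then show it fails to unseal after
    an unexpected component is measured into the same PCR."""
    bank = SoftPcrBank()
    bank.extend(0, b"bootloader-v1")  # constructed measurements
    bank.extend(0, b"kernel-v1")
    sealer = SoftSealer(root_key=b"\x01" * 32)  # fixed key keeps the demo deterministic
    blob = sealer.seal(b"license-key-0001", bank, (0,))
    before = sealer.unseal(blob, bank)
    bank.extend(0, b"unexpected-module")
    after = sealer.unseal(blob, bank)
    return before, after


if __name__ == "__main__":
    print(demo())
```

The design point to notice is that `unseal` never compares PCR values directly; the PCR state is folded into the key derivation, so a changed measurement simply yields a wrong key and a failed tag check. This is the same property that lets a hardware TPM bind a secret to a known-good system state, reproduced here purely in software.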
Additional features and advantages of the invention will become apparent to those skilled in the art upon consideration of the following detailed description of exemplary embodiments.